bpf: check changes_pkt_data property for extension programs

...

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program: attributenoinline long...

WordPress plugin Featured Image Plus – Quick & Bulk Edit with Unsplash 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin Featured...

OESA-2025-1539 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. Fo...

CVE-2024-4427

The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. This makes it possible for authenticated attackers, with subscriber access or above, to change plugi...

CVE-2024-0434

The WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ttbmnewplacesave' function in all versions up to, and including, 1.7.1. This makes it possible for...

CVE-2024-9626

The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...

CVE-2023-21928

Vulnerability in the Oracle Solaris product of Oracle Systems component: IPS repository daemon. The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle...

The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax industrial switches allows a intruder to alter the data representation type.

The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax switches is related to access control errors. Exploiting this vulnerability allows a remote attacker to alter the data representation type...

SUSE CVE-2024-58098

In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program: attributenoinline long...

PT-2025-19710

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the tracking of changes pkt data property for global functions. The issue occurs when processing calls to certain helper...

openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

CVE-2025-30731

Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite component: Configuration. Supported versions that are affected are 12.2.3-12.2.14. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle...

CVE-2025-30729

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: Security. Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other functions. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Application Object Library AOL, Application Object Library is one of the system management...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Applications Technology Stack...

PT-2025-16227 · Softcom · Softcom Iksoris Internet Starter

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Stored XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for changing user's data with a malicious script...

WordPress plugin VW Storefront 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...